Need to send long keyids to software-center to prevent MITM attack
Bug #1052789 reported by Michael Vogt
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| Software Center Agent | Fix Released | Critical | Anthony Lenton | |
| aptdaemon (Ubuntu) | Fix Released | High | Unassigned | |
| Oneiric | Fix Released | Undecided | Marc Deslauriers | |
| Precise | Fix Released | Undecided | Marc Deslauriers | |
| Quantal | Fix Released | Undecided | Unassigned | |
| Raring | Fix Released | High | Unassigned | |
Bug Description
In the subscriptions_
e.g. u'signing_key_id': u'1024r/75254d99'
These are vulnerable to man-in-the-middle attacks as it's relatively easy to create collisions on them and sneak a different key into the keyring and compromise the system. Instead we need to send the long keyid. This *should* be transparent to the client (but obviously we need to test that). It should send the long fingerprint,
e.g. 019A25FED88F961
fingerprint
tags: | added: ca-escalated |
Changed in software-center-agent: | |
status: | New → In Progress |
importance: | Undecided → Critical |
importance: | Critical → High |
assignee: | nobody → Anthony Lenton (elachuni) |
importance: | High → Critical |
Changed in software-center-agent: | |
status: | In Progress → Fix Released |
Changed in aptdaemon (Ubuntu Oneiric): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in aptdaemon (Ubuntu Precise): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
information type: | Private Security → Public Security |
This also affects aptdaemon, it is using:

```python
import subprocess

proc = subprocess.Popen(["/usr/bin/apt-key", "adv",
                         "--keyserver", keyserver,
                         "--recv", keyid], stderr=subprocess.STDOUT,
                        stdout=subprocess.PIPE, close_fds=True)
```
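As an added example (not code from the bug report or from aptdaemon), the check below parses a `signing_key_id` value of the form shown in the description (`1024r/75254d99`), classifies it as short id, long id or full fingerprint, and refuses to build the `apt-key adv --recv` command line unless the value is a long id or fingerprint; the key-id regex, the function names and the sample fingerprint are assumptions constructed for this example.

```python
import re

# Hex-digit lengths of the three forms: 8 (short id, the collision-prone
# form the bug describes), 16 (long id) and 40 (full fingerprint).
HEX_LEN_TO_KIND = {8: "short", 16: "long", 40: "fingerprint"}

# Optional "<bits><algo>/" prefix as in "1024r/75254d99", then hex digits.
# Assumed format for this example, not aptdaemon's own parser.
_KEY_ID_RE = re.compile(r"^(?:(?P<algo>\d+[a-zA-Z])/)?(?P<hex>[0-9A-Fa-f]+)$")


def classify_key_id(signing_key_id):
    """Return (kind, HEXDIGITS) for a signing_key_id value.

    kind is 'short', 'long' or 'fingerprint'; anything else raises.
    """
    m = _KEY_ID_RE.match(signing_key_id.strip())
    if not m:
        raise ValueError("malformed signing_key_id: %r" % signing_key_id)
    hexdigits = m.group("hex").upper()
    kind = HEX_LEN_TO_KIND.get(len(hexdigits))
    if kind is None:
        raise ValueError("unexpected key id length %d" % len(hexdigits))
    return kind, hexdigits


def ids_from_fingerprint(fingerprint):
    """The long id is the last 16 hex digits of the fingerprint and the
    short id the last 8, so a fingerprint can be checked against either,
    while a short id carries no way back to the key it names."""
    kind, hexdigits = classify_key_id(fingerprint)
    if kind != "fingerprint":
        raise ValueError("need a full 40-digit fingerprint")
    return hexdigits[-16:], hexdigits[-8:]


def safe_recv_key_argv(signing_key_id, keyserver):
    """Build the apt-key argv only for a long id or a fingerprint.

    A short id is rejected here instead of being sent to the keyserver,
    which closes the collision path described in the bug.
    """
    kind, hexdigits = classify_key_id(signing_key_id)
    if kind == "short":
        raise ValueError("refusing short key id %s; need a long id or "
                         "fingerprint" % hexdigits)
    return ["/usr/bin/apt-key", "adv", "--keyserver", keyserver,
            "--recv", hexdigits]
```

The returned argv is what would be handed to `subprocess.Popen` in place of the unchecked `keyid` in the call quoted above.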